Stephen J. Smoogen wrote:
From my day job. When looking at purchasing various products, we go
from our Department guides which are based on OMB and/or NIST
standards. If the US Govt is serious about it.. then the OMB would put
in a clause that US Government funds could only be used when the
anti-virus company meets XYZ NIST standard. Then the various US
Departments (Energy, Defense, Homeland Security, etc) will write up
procurement standards to meet those guidelines.
If the US Govt is not serious about it, then they wont. It usually
takes 2-4 years for one of these procedural changes to work their way
through the bueracracy so I wouldnt expect it til 2008 but could be
wrong as some things get pushed by OMB as an immediate item.
So you have experienced first hand, where 'open source' (free as in
speech) products have gotten the cold shoulder due to OMB in U.S.
Federal Government? I bring this up not as a slam against anyone having
what seem to be rash reactions to what appears to be a generally
harmless practice that Mitre has performed in the past (ala CVE) - but
out of a real personal curiousity. While I have certainly seen Open
Source solutions get the cold shoulder in U.S. State government as well
as the private sector - I have yet to see anyone use NIST or budgeting
requirements as an argument against it. And really, thats what I mean
by a 'basis of reference'.
Tripp
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
